﻿#region 命名空间

using System;
using System.Data;
using System.Linq;
using System.Threading;
using System.Web;
using System.Web.Security;
using WinnerCMS.Common;
using WinnerCMS.Data;
using WinnerCMS.Model;

#endregion

namespace WinnerCMS.BLL
{
    /// <summary>
    /// BLL_Admin_Login 的摘要说明。
    /// </summary>
    public class LoginManage
    {
        private readonly UserDal Dal = new UserDal();

        /// <summary>
        /// 登录系统
        /// </summary>
        /// <param name="model"></param>
        /// <param name="passCode"></param>
        /// <param name="autoLogin"></param>
        /// <returns></returns>
        public Result TryLoginSystem(User model, string passCode, bool autoLogin)
        {
            Result resu = new Result();

            if (model.UserName.Length == 0)
            {
                resu.Errors = "用户名不能为空！";
                return resu;
            }
            if (model.PassWord.Length == 0)
            {
                resu.Errors = "请输入密码！";
                return resu;
            }
            CMSConfig config = CMSConfig.Instance();
            if (config.PassCode && !autoLogin)
            {
                if (string.IsNullOrEmpty(passCode))
                {
                    resu.Errors = "请输入验证码！";
                    return resu;
                }
                if (HttpContext.Current.Session["Admin"] == null)
                {
                    resu.Errors = "验证码过期！";
                    return resu;
                }
                if (passCode != HttpContext.Current.Session["Admin"].ToString())
                {
                    HttpContext.Current.Session.Remove("Admin");
                    resu.Errors = "填写的验证码与所给的不符！";
                    return resu;
                }
            }

            User user = this.Dal.GetInfo(model.UserName);
            if (user == null)
            {
                resu.Errors = "您输入的密码或者用户名错误！";
                return resu;
            }

            if (autoLogin == false)
            {
                model.PassWord = Hash.Md5(model.PassWord);
            }
            if (model.PassWord.Equals(user.PassWord, StringComparison.CurrentCultureIgnoreCase) == false)
            {
                HttpContext.Current.Session.Remove("Admin");

                resu.Errors = "您输入的密码或者用户名错误！";

                if (autoLogin == false)
                {
                    Log logModel = new Log
                    {
                        Type = "登录系统",
                        Event = model.UserName + "于 " + DateTime.Now + " 登录系统失败，输入的密码或者用户名错误！"
                    };
                    LogManage.Add(logModel);

                    #region  保存登录记录

                    SecurityCenter sc_model = new SecurityCenter
                    {
                        UserName = model.UserName,
                        Remark = "登录系统失败，输入的密码或者用户名错误！",
                        IP = HttpClient.GetIP(),
                        Type = 2
                    };
                    SecurityCenterManage.Add(sc_model);

                    #endregion
                }
                return resu;
            }
            model.LastLoginIP = HttpClient.GetIP();
            if (autoLogin == false)
            {
                #region  保存登录记录

                SecurityCenter sc_model = new SecurityCenter();
                sc_model.UserName = model.UserName;
                sc_model.Remark = "登录成功！";
                sc_model.IP = HttpClient.GetIP();
                sc_model.Type = 2;
                SecurityCenterManage.Add(sc_model);

                #endregion

                this.Dal.Logined(user.Id, HttpClient.GetIP());
            }

            FormsAuthentication.SetAuthCookie(model.UserName, false);


            //保存登录的用户名
            HttpCookie objCookie = new HttpCookie("Logined_UserName", model.UserName)
            {
                HttpOnly = true,
                Expires = DateTime.Now.AddDays(30)
            };
            HttpContext.Current.Response.Cookies.Add(objCookie);

            resu.Errors = string.Empty;

            return resu;
        }

        [Logging("{user}退出系统"), ExceptionCall]
        public void Logout()
        {
            FormsAuthentication.SignOut();

            HttpContext.Current.Session.Remove("User");
            HttpContext.Current.Response.Redirect("Login.aspx");
        }
    }
}